On Fri, Jan 11, 2002 at 07:39:39PM -0500, David Chin wrote: > In message <000001c19ac3$3d79feb0$0200a8c0@slacker>, "Kevin Lisciotti" writes: > > What I am looking for is possibly a whitepaper or how-to on setting > > up a secure shell server. > > You have 2 options: > i) use openssh [..] > ii) use SSH.com's SSH [..]
Actually, I think Kevin was after more than "here is where to download sshd"; I think he was after something more like, "to have shell users on your system that you don't trust, you need to enable quotas, use PAM's login limits, turn on process accounting, look into security-enhancing patches to help harden the system, make sure you understand why every setuid and setgid executable on the machine has those bits, send system logs off to another host, and for the love of god, keep up on updates." Well, perhaps not the "keep up on updates" -- I'm sure Kevin already knew that piece. But one would be surprised how frequently updates are ignored. :( I'd suggest checking Kurt Seifried's Linux Administrator's Security Guide. I don't know if he has updated it recently or not, but it ought to be worth reading nonetheless. http://www.seifried.org/lasg/ -- "I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's." -- Kee Hinckley
msg00142/pgp00000.pgp
Description: PGP signature
